http://bluebox.com/labs/android-security-challenge/
This challenge isn’t just about mucking around in DVM internals; it also leverages many tricks in APK file packaging. Sure, it is basically a Zip file format, but how Android parses an APK deviates from how standard Zip tools work. Our challenge crackme leveraged discrepancies in Zip file handling to make it harder to analyze the APK file. In other words, most Zip file unpackers are not able to extract the files within our APK. This is because Android, while processing an APK, doesn’t use all fields within the Zip file header. It basically ignores some of them; this includes the ‘isEncrypted’ flag of the ‘General purpose bit flag’ field. Android just assumes that files are not encrypted. Unpackers instead have to take this flag into account, so they prompt the user for a password, which does not exist because the files are not encrypted.
To give you an idea what this means, we have prepared a well-known malware sample and uploaded it to virustotal.com. As you can see in Figure 3, making modifications to the ZIP internals of the APK causes the detection rate to drop since the analysis system is not able to look inside the APK itself. The behavioural analysis was also skipped (presumably due to inability to load the APK file), indicated by the missing behavioral analysis report link in the screenshot.
After putting app.apk and unpack.py in the same folder, I ran unpack.py with Python 2.6.6 and got:
Traceback (most recent call last):
  File "D:\a\unpack.py", line 16, in <module>
    import argparse
ImportError: No module named argparse
What is the problem here?
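The header check described in the quoted Bluebox paragraph, as an added example that is not part of the original post and is not Bluebox's unpack.py: it lists entries whose 'General purpose bit flag' claims encryption and writes a normalized copy that standard Zip tools can open for analysis. It assumes Python 3, an archive without Zip64 records, and entry data that is in fact stored unencrypted; the function names are illustrative.

```python
import io
import struct
import sys
import zipfile

ENCRYPTED = 0x0001            # bit 0 of the general purpose bit flag
CENTRAL_SIG = b"PK\x01\x02"   # central directory header, flags at offset 8
LOCAL_SIG = b"PK\x03\x04"     # local file header, flags at offset 6
EOCD_SIG = b"PK\x05\x06"      # end of central directory record


def flagged_entries(data):
    """Names of entries whose central-directory flags claim encryption."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED]


def clear_encrypted_bit(data):
    """Return (normalized_bytes, names_changed). Assumes no Zip64 records."""
    buf = bytearray(data)
    eocd = buf.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    # EOCD: total entries at +10, directory size at +12, directory offset at +16
    count, _cd_size, pos = struct.unpack_from("<HII", buf, eocd + 10)
    changed = []
    for _ in range(count):
        if buf[pos:pos + 4] != CENTRAL_SIG:
            raise ValueError("bad central directory header at %d" % pos)
        flags, = struct.unpack_from("<H", buf, pos + 8)
        nlen, xlen, clen = struct.unpack_from("<HHH", buf, pos + 28)
        local, = struct.unpack_from("<I", buf, pos + 42)
        if flags & ENCRYPTED:
            struct.pack_into("<H", buf, pos + 8, flags & ~ENCRYPTED)
            name = bytes(buf[pos + 46:pos + 46 + nlen])
            changed.append(name.decode("utf-8", "replace"))
            if buf[local:local + 4] == LOCAL_SIG:   # keep both headers consistent
                lflags, = struct.unpack_from("<H", buf, local + 6)
                struct.pack_into("<H", buf, local + 6, lflags & ~ENCRYPTED)
        pos += 46 + nlen + xlen + clen
    return bytes(buf), changed


if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read()
    fixed, names = clear_encrypted_bit(raw)
    print("entries flagged encrypted:", names or "none")
    if names:
        open(sys.argv[1] + ".normalized.zip", "wb").write(fixed)
```

An analysis pipeline can treat a non-empty `flagged_entries` result on an APK as an anomaly worth flagging in its own right, since Android does not consult this bit.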